<?php
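session_start();
// This script relies on $link, the ECHO_*/FLAG_* constants and SetDB_EXE_TAB(),
// none of which are defined in this file; presumably they come from
// connectsql.php (confirm). `require` stops the request when that file cannot
// be loaded, whereas `include` only warns and lets the script continue with
// those names undefined.
require "connectsql.php";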

// Every request must carry a non-empty "reg" action flag. A missing flag is
// treated exactly like an empty one: close the connection and stop with
// ECHO_NO_REGFLAG before the session or any other parameter is examined.
$regflag = isset($_REQUEST["reg"]) ? $_REQUEST["reg"] : "";
if ($regflag == "") {
	mysqli_close($link);
	die (ECHO_NO_REGFLAG);
}

// Authorisation gate: only a session whose "ceo" entry is set and truthy may
// continue. Anything else is answered with ECHO_LOGIN_OVER_TIME.
if (!isset($_SESSION["ceo"]) || $_SESSION["ceo"] != true) {
	mysqli_close($link);
	die (ECHO_LOGIN_OVER_TIME);
}
// $manager later selects the table via SetDB_EXE_TAB(); it is taken from the
// server-side session, never from the request.
// NOTE(review): "manager" is read without its own isset() check; confirm the
// login code always stores it together with "ceo".
$manager = $_SESSION["manager"];

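// Dispatch on the action flag: FLAG_SET inserts one record, FLAG_GET lists the
// records in a date range, FLAG_DEL deletes the records in a date range.
//
// Every request-supplied value is bound as a statement parameter; none is
// concatenated into the SQL text. Values that are not plain strings (for
// example `type[]=x`, which PHP delivers as an array) are rejected with
// ECHO_ERROR, the same answer a missing or empty value gets.
//
// NOTE(review): the table name from SetDB_EXE_TAB($manager) is still
// concatenated, because identifiers cannot be bound. It derives from the
// session, not the request; confirm SetDB_EXE_TAB() only ever returns a
// fixed or allow-listed identifier.
// NOTE(review): parameters are read from $_REQUEST, so the insert and delete
// actions can be reached with a plain GET, and no anti-CSRF token check is
// visible in this file. Confirm whether one is enforced elsewhere.
if ($regflag == FLAG_SET) {
	// All four fields are mandatory.
	$fields = array();
	foreach (array("type", "remarks", "user", "date") as $key) {
		if (!isset($_REQUEST[$key]) || !is_string($_REQUEST[$key]) || $_REQUEST[$key] === "") {
			mysqli_close($link);
			die (ECHO_ERROR);
		}
		$fields[$key] = $_REQUEST[$key];
	}
	$type = $fields["type"];
	$remarks = $fields["remarks"];
	$user = $fields["user"];
	$date = $fields["date"];

	$sql = "insert into ".SetDB_EXE_TAB($manager)." (`username`,`date`,`type`,`remarks`) values (?,?,?,?)";
	$stmt = mysqli_prepare($link, $sql);
	$ok = $stmt
		&& mysqli_stmt_bind_param($stmt, "ssss", $user, $date, $type, $remarks)
		&& mysqli_stmt_execute($stmt);
	if ($stmt) {
		mysqli_stmt_close($stmt);
	}
	if ($ok) {
		echo "ok";
	} else {
		mysqli_close($link);
		die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_INSERT);
	}
} else if ($regflag == FLAG_GET || $regflag == FLAG_DEL) {
	// Both actions operate on an inclusive [start, end] date range.
	$range = array();
	foreach (array("start", "end") as $key) {
		if (!isset($_REQUEST[$key]) || !is_string($_REQUEST[$key]) || $_REQUEST[$key] === "") {
			mysqli_close($link);
			die (ECHO_ERROR);
		}
		$range[$key] = $_REQUEST[$key];
	}
	$start = $range["start"];
	$end = $range["end"];

	if ($regflag == FLAG_GET) {
		// Only the four columns that are emitted are selected. The result is
		// buffered with store_result so bind_result/fetch work regardless of
		// the client library in use.
		$sql = "select `username`,`date`,`type`,`remarks` from ".SetDB_EXE_TAB($manager)." where `date` >= ? and `date` <= ? order by `id`";
		$stmt = mysqli_prepare($link, $sql);
		$ok = $stmt
			&& mysqli_stmt_bind_param($stmt, "ss", $start, $end)
			&& mysqli_stmt_execute($stmt)
			&& mysqli_stmt_store_result($stmt)
			&& mysqli_stmt_bind_result($stmt, $user, $date, $type, $remarks);
		if (!$ok) {
			if ($stmt) {
				mysqli_stmt_close($stmt);
			}
			mysqli_close($link);
			die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_FIND);
		}

		// Wire format expected by the client:
		//   exestart:<user>,,<type>,,<date>,,<remarks>;;<next record>...:exeover
		// NOTE(review): fields are joined without escaping, so a stored value
		// containing ",," or ";;" will be split incorrectly by the receiver,
		// and whatever renders these values must escape them for its own
		// output context.
		$records = array();
		while (mysqli_stmt_fetch($stmt)) {
			$records[] = $user.",,".$type.",,".$date.",,".$remarks;
		}
		echo "exestart:".implode(";;", $records).":exeover";
		mysqli_stmt_free_result($stmt);
		mysqli_stmt_close($stmt);
	} else if ($regflag == FLAG_DEL) {
		$sql = "delete from ".SetDB_EXE_TAB($manager)." where `date` >= ? and `date` <= ?";
		$stmt = mysqli_prepare($link, $sql);
		$ok = $stmt
			&& mysqli_stmt_bind_param($stmt, "ss", $start, $end)
			&& mysqli_stmt_execute($stmt);
		if ($stmt) {
			mysqli_stmt_close($stmt);
		}
		if ($ok) {
			echo "ok";
		} else {
			mysqli_close($link);
			die (ECHO_MYSQL_ERROR_QUERY_TABLE_TO_DEL);
		}
	}
}
// An unrecognised flag falls through to here and produces no output.
mysqli_close($link);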
?>

